Bump org.atmosphere:atmosphere-runtime from 3.1.0 to 4.0.40 #3070

Closed
dependabot[bot] wants to merge 1 commit into main from dependabot/maven/org.atmosphere-atmosphere-runtime-4.0.40

dependabot Bot (Contributor) commented on behalf of github Apr 30, 2026

Bumps org.atmosphere:atmosphere-runtime from 3.1.0 to 4.0.40.

Release notes

Sourced from org.atmosphere:atmosphere-runtime's releases.

Atmosphere 4.0.40

✨ Added

  • policy plane, multi-agent governance, sample retrofit
  • render tokens / elapsed / tok/s footer on stream complete
  • approve/deny widget for @RequiresApproval tools
  • route demo mode through the pipeline via DemoAgentRuntime

🐛 Fixed

  • isolate coordinator types from CommitmentRecordView AOT walk
  • native-image AOT + CLI E2E SNAPSHOT compat
  • survive recycled async request during streaming disconnect
  • ship classic chat SPA at / (was hanging silently)
  • emit tool-start/tool-result at shared execution seam
  • parse nested LLM error envelopes into a compact error card
  • ship atmosphere-admin transitively for /atmosphere/admin/
  • accept both type and kind as Part discriminator on parse
  • redirect / to /atmosphere/console/ when no root UI ships
  • rewrite URL so SK 1.4.0 works against non-OpenAI endpoints
  • correct README endpoint + broadcaster path
  • disable auth by default in sample, document toggle
  • always set ToolCallBehavior to avoid SK 1.4.0 NPE
  • gate prompt_cache_key by provider hostname for Gemini compat
  • return 404 for unmapped /atmosphere/* paths instead of 500

🔧 Changed

  • correct AgentWorkspace adapter list — drop fabricated SWE-bench
  • drop (v0.5) suffix from Foundation E2E workflow name
  • add .mvn/** + workflow_dispatch to all maven-build workflows
  • use modern attribute in remaining logback configs
  • document LLM provider choices + Gemini free-tier cap
  • bind ResourceFactory to server + fix logback config
  • re-enable auth in spring-boot-ai-chat fixture for auth specs
  • bump version to 4.0.39
  • prepare for next development iteration 4.0.40-SNAPSHOT

Full Changelog: Atmosphere/atmosphere@atmosphere-4.0.39...atmosphere-4.0.40

Atmosphere 4.0.39

✨ Added

  • serve /favicon.ico from both starters to kill the default 404: AtmosphereFaviconAutoConfiguration returns the Atmosphere logo PNG on /favicon.ico and /favicon.png for every app using the starter; opt out with atmosphere.favicon.enabled=false.
  • reattach e2e — harness sample + direct-writer replay + CI job: RunReattachSupport now writes the joined buffer straight to response.getWriter() (U+001E between events); broadcaster routing fed the payload back into the @Prompt dispatcher. New spring-boot-reattach-harness plus a SyntheticRunController give Playwright a deterministic HTTP surface — foundation-e2e.yml runs the spec on every push so the reattach wire is proven end-to-end, not just in unit tests.
  • TokenUsage → CostCeilingGuardrail.addCost bridge + ownership fix: CostAccountingSession wraps every @Prompt session when a CostAccountant is installed; built-in CostCeilingAccountant(guardrail, pricing) closes the observability→enforcement loop. Spring Boot auto-configuration installs it and a DisposableBean resets the holder on shutdown, which also fixes broadcaster listener ownership symmetry on the PII installer.
  • cpr-core moat — broadcaster PII, tenant drift, cost ceiling, reattach test: PiiRedactionFilter auto-installs on every broadcaster (present + future) so response-path PII is rewritten in-flight — framework owns the transport. OutputLengthZScoreGuardrail partitions its rolling window by business.tenant.id MDC so one tenant cannot poison another's baseline. New CostCeilingGuardrail blocks outbound @Prompt per tenant once cumulative cost hits budget (observability→enforcement). writeEnabled resolved per-call in both starters for runtime lockdown. RunReattachSupport extracts the replay-on-reconnect path with 5 regression tests. Operator docs split Spring + Quarkus setup with principal-chain paragraphs.
  • wire Flow tab into the admin console — SVG graph over /api/admin/flow: New tab renders the coordination journal as a circle-layout SVG: nodes = agents, edges = dispatch count + success/failure/avg-duration, red on failure, arrowheads for direction. Optional coordination-id drilldown and lookback-minutes filter. Zero external graph library — plain SVG, adequate for fleet sizes Atmosphere runs. Mirrored across spring-boot-starter and spring-boot3-starter admin assets.
  • observability + guardrails + admin auth + flow viewer: Observability layer (BusinessMetadata → SLF4J MDC, FactResolver), default guardrails (PII redaction, drift z-score), admin-write auth triple-gate (feature flag → Principal → ControlAuthorizer), agent-to-agent flow viewer (/api/admin/flow), run reattach consumer, gateway admission on handle-based paths, framework-scoped resolution for all v0.8 primitives. Samples boot via spring-boot:run + actuator health; foundation-e2e gates merges including Docker sandbox.
  • foundation hardening — primitive wire-in, Sandbox gate, PermissionMode
  • AI Agent Foundation — 8 primitives, 2 proof samples, strict OpenAI-compat tool round-trip

... (truncated)

Changelog

Sourced from org.atmosphere:atmosphere-runtime's changelog.

[4.0.40] - 2026-04-24

Added — Tool-call admission, per-request scope, audit sinks

  • Tool-call admission seam (1def61ddf0) — PolicyAdmissionGate.admitToolCall builds a synthetic AiRequest whose metadata carries tool_name, action, and an argument preview so MS-schema rules over tool_name fire before the tool's executor runs. ToolExecutionHelper consults the gate on every @AiTool dispatch; the canonical MS example {field: tool_name, operator: eq, value: delete_database, action: deny} fires without operator plumbing. OWASP A02 upgraded from PARTIAL to COVERED.
  • @AgentScope.postResponseCheck (2913da1b81) — when enabled on a high-stakes scope, ScopePolicy re-classifies the streamed response text against the declared purpose. OUT_OF_SCOPE responses become Deny with a post-response: prefix; errors fail-open on the response path (bytes already on the wire). POLITE_REDIRECT breaches downgrade to Deny because Transform can't rewind a stream.
  • Cross-provider governance contract (613d216019) — AbstractAgentRuntimeContractTest.policyDenyBlocksRuntimeExecute is inherited by all seven runtime adapters (Built-in, Spring AI, LangChain4j, ADK, Embabel, Koog, Semantic Kernel); the "deny before runtime" guarantee is now a build-time invariant for each provider.
  • Per-request ScopePolicy install (334bde4969) — an interceptor can write a ScopeConfig under ScopePolicy.REQUEST_SCOPE_METADATA_KEY and the pipeline / streaming session / admission gate install a transient ScopePolicy ahead of endpoint-level policies for that one turn. Classroom sample uses this for per-room scope (math / code / science / general) — one @AiEndpoint hosts four personas, each with its own purpose and forbidden-topic set. perRequestScopeBlocksRuntimeExecute extends the cross-provider contract to the per-request path.
  • Admin console governance views — three Vue views under the existing Atmosphere Console (/atmosphere/console/) poll /api/admin/governance/{policies,decisions,owasp} on live intervals. Tabs auto-hide when governance is not installed. Verified end-to-end against the classroom sample via chrome-devtools (tabs render, OWASP matrix shows 7 Covered / 1 Partial / 1 Design / 1 Not-addressed, zero console errors).
  • Persistent AuditSink SPI: GovernanceDecisionLog.addSink(AuditSink) fans every admission decision out to registered sinks while keeping the ring buffer authoritative for the admin console. Sink failures are isolated: one unreachable Kafka broker does not take down the pipeline. AsyncAuditSink wraps a blocking delegate with a bounded drop-on-full queue so the admission thread never blocks on IO (Backpressure invariant #3). Two reference modules ship: atmosphere-ai-audit-kafka (KafkaAuditSink → JSON to any topic) and atmosphere-ai-audit-postgres (JdbcAuditSink → JDBC upsert with schema auto-create, works against any JSR-221 DataSource; tests exercise H2 in-memory). The JSON shape matches MS Agent Governance Toolkit's audit_entry so downstream SIEM consumers of either system can read both.

... (truncated)

Commits
  • 4e66761 release: Atmosphere 4.0.40
  • 633d57e fix(admin): isolate coordinator types from CommitmentRecordView AOT walk
  • f66270b fix(admin,cli): native-image AOT + CLI E2E SNAPSHOT compat
  • b6cdced feat(governance): policy plane, multi-agent governance, sample retrofit
  • 17d404d docs(agent): correct AgentWorkspace adapter list — drop fabricated SWE-bench
  • 1ad0dd7 ci: drop (v0.5) suffix from Foundation E2E workflow name
  • bf671c3 ci: add .mvn/** + workflow_dispatch to all maven-build workflows
  • ee4c90d build: force GIB off by default via .mvn/maven.config
  • 99e2e02 fix(ai,cpr): survive recycled async request during streaming disconnect
  • db05bbe build: diff-aware pre-push via Gitflow Incremental Builder
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
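
An added illustration of the tool-call admission and drop-on-full audit behaviour described in the 4.0.40 changelog quoted above. It is not Atmosphere's code: every class and method name in it (ToolAdmissionDemo, Rule, Decision, admit, dispatch) is hypothetical, and only the rule fields and the delete_database rule come from the changelog.

```java
import java.util.*;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.function.Function;

public class ToolAdmissionDemo {
    // Hypothetical rule shape mirroring {field, operator, value, action} from the changelog.
    record Rule(String field, String operator, String value, String action) {
        boolean matches(Map<String, String> metadata) {
            return "eq".equals(operator) && value.equals(metadata.get(field));
        }
    }
    record Decision(String toolName, String action) {}

    // Bounded audit queue: offer() never blocks, so a slow consumer costs entries, not latency.
    static final ArrayBlockingQueue<Decision> AUDIT = new ArrayBlockingQueue<>(2);
    static int dropped = 0; // single-threaded demo; a real counter would be atomic

    static Decision admit(List<Rule> rules, String toolName, String argPreview) {
        // Synthetic request metadata: tool name plus an argument preview.
        Map<String, String> metadata = Map.of("tool_name", toolName, "arguments", argPreview);
        String action = rules.stream().filter(r -> r.matches(metadata))
                .map(Rule::action).findFirst().orElse("allow");
        Decision d = new Decision(toolName, action);
        if (!AUDIT.offer(d)) dropped++; // drop-on-full, but count the loss
        return d;
    }

    // The gate is consulted first; on deny the executor is never invoked.
    static String dispatch(List<Rule> rules, String toolName, String args,
                           Function<String, String> executor) {
        Decision d = admit(rules, toolName, args);
        if ("deny".equals(d.action())) return "denied: " + toolName;
        return executor.apply(args);
    }

    public static void main(String[] args) {
        List<Rule> rules = List.of(new Rule("tool_name", "eq", "delete_database", "deny"));
        List<String> executed = new ArrayList<>();
        Function<String, String> exec = a -> { executed.add(a); return "ok: " + a; };

        // Constructed sample calls: one denied tool, two allowed ones.
        System.out.println(dispatch(rules, "delete_database", "{\"name\":\"prod\"}", exec));
        System.out.println(dispatch(rules, "list_tables", "{}", exec));
        System.out.println(dispatch(rules, "list_tables", "{}", exec));
        System.out.println("executor calls=" + executed.size()
                + " audited=" + AUDIT.size() + " dropped=" + dropped);
    }
}
```

The third decision is dropped because the queue capacity is 2 and nothing drains it; when reviewing an upgrade like this one, the dropped-entry count is the number to monitor, since a bounded drop-on-full sink trades audit completeness for admission latency.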

Bumps [org.atmosphere:atmosphere-runtime](https://github.com/Atmosphere/atmosphere) from 3.1.0 to 4.0.40.
- [Release notes](https://github.com/Atmosphere/atmosphere/releases)
- [Changelog](https://github.com/Atmosphere/atmosphere/blob/main/CHANGELOG.md)
- [Commits](Atmosphere/atmosphere@atmosphere-project-3.1.0...atmosphere-4.0.40)

---
updated-dependencies:
- dependency-name: org.atmosphere:atmosphere-runtime
  dependency-version: 4.0.40
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot Bot added the dependencies (Pull requests that update a dependency file) and java (Pull requests that update Java code) labels Apr 30, 2026

dependabot Bot (Contributor, Author) commented on behalf of github May 5, 2026

Superseded by #3077.

dependabot Bot closed this May 5, 2026
dependabot Bot deleted the dependabot/maven/org.atmosphere-atmosphere-runtime-4.0.40 branch May 5, 2026 04:19